Microsoft Fixes Clickjacking in IE8?
"Microsoft has introduced a release client version of its latest browser, Internet Explorer 8 (IE8), and the new iteration of the application includes several security improvements, including a noteworthy attempt to address the emerging problem of clickjacking attacks.
For those who don't recall, clickjacking is a relatively new technique -- first detailed in mid-2008 by researchers Jeremiah Grossman and Robert Hansen, among others -- which involves using widely-available vulnerabilities to take control of an end user's browser.
The idea is that simply by tricking a visitor into arriving at an infected URL, an attacker can manipulate the affected end users' browser session to get them to do just about anything the hackers desires, such as downloading malware, and at the time it was first reported publicly, there were clickjacking vulnerabilities available in just about every major browser, including IE7.
Now, to carry out these kinds of campaigns, obviously the involved attackers need to both subvert Web sites (the more legitimate the better) and have the browser vulnerabilities available that allow them to deliver their code."
Read more: http://securitywatch.eweek.com/exploits_and_attacks/microsoft_goes_after_clickjacking_in_ie8.html
what about Mozilla ??
did they fix up this vulnerability in Mozilla ??
Posted by: Anonymous | Jan 28, 2009 4:46:02 PM
I have no idea what plans Mozilla has to fix this in Firefox.
Posted by: Robert | Jan 28, 2009 4:48:28 PM
Hey thanks for sharing.
M sure soon it will be fixed even in Mozilla too.
IE's main drawback has always been its security problem. M sure this one will work well.
Posted by: offshore development | Jan 30, 2009 6:02:16 AM
Mozilla has always satisfied me. And go to IE will not. Suppose that the safety statistics.
Posted by: jobgomel | Feb 15, 2009 6:06:20 AM